Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
File: 52630693-0f5d-4126-ba07-ad0c0c999660.roa (raw, json)
Hash identifier: zOq8VX4jIFzcpI6MshfVfLNlfh3H04XQQKY8y43gUuk=
Subject key identifier: 35:49:FC:18:80:A4:FE:C4:D9:7B:F7:B4:49:AC:D6:57:A7:15:19:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7363331C6193F2460B1BB02BCFF9DED0D77C1283
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
Signing time: Mon 01 Sep 2025 20:41:11 +0000
ROA not before: Mon 01 Sep 2025 20:41:11 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:63:33:1c:61:93:f2:46:0b:1b:b0:2b:cf:f9:de:d0:d7:7c:12:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:41:11 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=c85ba330be22df15c001d1d98165a9f3f5f548605d63625f3ec8693ddc3b1d21, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:16:30:28:ed:d0:f3:b8:bb:93:03:f8:ec:fd:
62:f6:de:6a:b6:45:5d:56:0e:a9:82:1a:25:6e:e7:
33:13:96:52:9e:ae:f2:bb:da:18:1d:6a:a3:20:34:
e4:1a:2c:3c:17:a4:00:a1:85:a2:aa:d9:7b:6b:a0:
54:4c:73:2b:c5:81:25:9f:5f:d1:44:34:c9:13:f5:
3b:e9:44:c7:2d:36:b1:71:5b:c5:64:bc:9c:d1:a0:
9d:7d:cd:2c:19:0a:a6:b7:00:2c:37:b5:9f:6b:68:
e5:a5:a0:00:c1:bd:78:a3:5b:47:61:18:aa:fe:8f:
b0:60:a0:38:aa:08:fb:90:0e:55:b7:3a:66:9c:7a:
17:f9:f4:cb:a5:f2:65:b1:35:c1:0e:80:00:ce:1a:
67:1a:55:e4:78:e5:49:8a:92:6a:b3:60:4a:00:03:
06:fa:3d:d4:48:26:4b:fd:67:ce:58:65:54:cb:3f:
37:21:7d:59:c6:48:dd:21:5a:bd:12:c2:54:d2:05:
96:67:12:69:58:c1:fc:49:0b:5c:16:2d:bd:80:0d:
98:52:97:18:e7:d4:63:aa:5f:b2:24:13:d0:13:b9:
29:78:14:cb:5d:3d:e0:5b:c3:04:9c:6e:e5:34:90:
3f:87:6a:db:91:6e:03:85:4f:93:fe:32:d8:a9:4a:
18:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:49:FC:18:80:A4:FE:C4:D9:7B:F7:B4:49:AC:D6:57:A7:15:19:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:e000::/40
Signature Algorithm: sha256WithRSAEncryption
09:6e:e2:26:dd:1f:41:8c:09:bb:8a:42:b9:1c:74:7f:cc:b2:
47:38:4b:fd:ec:b5:ab:a2:70:a2:8b:b0:ff:80:92:20:27:4f:
4d:4b:b5:dc:90:f6:ed:7c:14:42:0f:ad:c2:23:4c:a5:98:9d:
fb:86:bb:c1:ee:3d:3a:80:f6:f7:70:a2:c0:11:7f:75:1f:56:
77:b2:db:7e:b3:4e:98:ca:65:bd:68:0b:cb:4e:5a:66:d7:fd:
87:48:2e:cd:a4:8d:cc:df:c3:e0:ac:0a:d0:34:57:a7:22:f9:
61:fd:74:ee:54:8f:c1:88:71:cf:ff:e7:77:05:4e:b0:d1:a2:
21:67:a5:31:6e:58:3f:2d:75:c4:5f:36:f0:e5:6d:ae:00:e8:
a4:15:5f:b1:62:8a:c3:e6:ae:9f:96:29:71:a8:14:1e:88:5c:
c2:88:08:b4:5d:47:0a:4d:14:2e:31:cb:a2:44:07:a8:b1:1a:
62:af:6a:08:b4:57:f6:14:cc:f7:6f:4f:bb:11:fd:2f:39:4b:
5d:71:34:42:a7:bc:22:05:c9:f8:40:71:25:31:d5:c3:fb:51:
18:16:d1:ad:c1:95:5d:55:fd:4f:08:40:0d:b9:64:0b:76:9f:
35:d8:3b:80:90:20:55:a6:82:df:59:bd:21:80:0e:29:76:10:
d4:c0:f6:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc2MzHGGT8kYLG7Arz/ne0Nd8EoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDQxMTFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4NWJhMzMwYmUyMmRmMTVjMDAxZDFkOTgxNjVhOWYzZjVmNTQ4NjA1ZDYz
NjI1ZjNlYzg2OTNkZGMzYjFkMjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkWMCjt0PO4u5MD+Oz9YvbearZFXVYOqYIaJW7nMxOWUp6u8rvaGB1qoyA0
5BosPBekAKGFoqrZe2ugVExzK8WBJZ9f0UQ0yRP1O+lExy02sXFbxWS8nNGgnX3N
LBkKprcALDe1n2to5aWgAMG9eKNbR2EYqv6PsGCgOKoI+5AOVbc6Zpx6F/n0y6Xy
ZbE1wQ6AAM4aZxpV5HjlSYqSarNgSgADBvo91EgmS/1nzlhlVMs/NyF9WcZI3SFa
vRLCVNIFlmcSaVjB/EkLXBYtvYANmFKXGOfUY6pfsiQT0BO5KXgUy1094FvDBJxu
5TSQP4dq25FuA4VPk/4y2KlKGCMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1SfwY
gKT+xNl797RJrNZXpxUZPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MzA2OTMtMGY1ZC00MTI2LWJhMDctYWQwYzBjOTk5NjYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHg
MA0GCSqGSIb3DQEBCwUAA4IBAQAJbuIm3R9BjAm7ikK5HHR/zLJHOEv97LWronCi
i7D/gJIgJ09NS7XckPbtfBRCD63CI0ylmJ37hrvB7j06gPb3cKLAEX91H1Z3stt+
s06YymW9aAvLTlpm1/2HSC7NpI3M38PgrArQNFenIvlh/XTuVI/BiHHP/+d3BU6w
0aIhZ6Uxblg/LXXEXzbw5W2uAOikFV+xYorD5q6flilxqBQeiFzCiAi0XUcKTRQu
McuiRAeosRpir2oItFf2FMz3b0+7Ef0vOUtdcTRCp7wiBcn4QHElMdXD+1EYFtGt
wZVdVf1PCEANuWQLdp812DuAkCBVpoLfWb0hgA4pdhDUwPbQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:14:52 2025 by rpki-client